Posted: Sat Dec 23, 2006 3:18 pm Post subject: Got this in an e-mail from a friend..think it will work?

I learned a computer trick today that's really ingenious in its
simplicity. As you may know, when/if a worm virus gets into your
computer it heads straight for your email address book, and sends
itself to everyone in there, thus infecting all your friends and
associates.

This trick won't keep the virus from getting into your computer,
but it will stop it from using your address book to spread
further, and it will alert you to the fact that the worm has
gotten into your system.

Here's what you do:

First, open your address book and click on "new contact," just as
you would do if you were adding a new friend to your list of email
addresses.

In the window where you would type your friend's first name, type
in "A".

For the screen name or email address, type "AAAAAAA@AAA.AAA".

Now, here's what you've done and why it works:

The "name" "A" will be placed at the top of your address book as entry #1.
This will be where the worm will start in an effort to send itself to all
your friends.

But, when it tries to send itself to AAAAAAA@AAA.AAA, it will be
undeliverable because of the phony email address you entered.
If the first attempt fails (which it will because of the phony address),
the worm goes no further and your friends will not be infected.

Here's the second great advantage of this method:

If an email cannot be delivered, you will be notified of this in
your In Box almost immediately.
Hence, if you ever get an email telling you that an email
addressed to AAAAAAA@AAA.AAAA could not be delivered, you know
right away that you have the worm virus in your system. You can then
take steps to get rid of it! Pretty slick huh?

If everybody you know does this then you need not ever worry about
opening mail from friends

If the first attempt fails (which it will because of the phony address), the worm goes no further and your friends will not be infected.

I don't think that's accurate based on what I've seen and read. An email worm can send itself many times before the first email even gets delivered, or attempts to be delivered.

Quote:

If everybody you know does this then you need not ever worry about opening mail from friends

Again, I don't think that's accurate. It sounds to me like one of those Urban Legends that goes around and around in emails...

If you have some proof or links that document this, please post it. Otherwise, you shoudn't spread innacurate information or information that you can't back up with facts. It could actually be harmful to others who might believe it, and subsequently be careless about opening emails._________________Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.

The basic idea behind the "trick" is to create a dummy e-mail contact entry which would be named so that it would be first in the address book list, without an actual associated e-mail address. In theory, this contact would come up before any valid contacts, and would fail when accessed by a mass-mailer because it has no e-mail address thus giving the user the option to stop the mass-mailing. This trick might work for some mass-mailing worms, but it wouldn't stop the majority of worms which use e-mail to spread.

We are advising users who receive the email to delete it and DO NOT pass it on as this is how an email HOAX propagates.

This email hoax describes a supposed technique to protect an address book from being used by worms in their propagation routines.

It claims that when a user creates a fake address as the first entry in an address book, worms will not be able to send themselves to the rest of the valid recipients listed in the address book.

The fake address which this hoax advises users to create has the letters AAAAAAA. Another known variant of this hoax uses !0000, instead of AAAAAAA.

Although the claims of this email message is not entirely false because it may be used against some old worms, it is not sufficient to prevent infection.

Trend Micro advises users to ignore email messages with these contents and to stop its spread by NOT sending this hoax to other users.

merlot_1, sorry to be hard on you here, but this is exactly the kind of misinformation that should *Not* be spread!

If you told any of your friends this or posted it anywhere else, you need to go back and tell them that you were wrong and it is NOT true. Please for your own sake, check out any such information before spreading it around.

I found the above links by Googling the phrase:

Quote:

the worm goes no further and your friends will not be infected hoax

If you had checked it out before you posted it, you would have found the same links I did and realized it was not true.

This is one of my pet peeves... people used to send me Urban Legends by email frequently and I learned how to check to see if they were true. I always notified the sender that it was a hoax and gave them a bad time about it, just like I'm giving you a bad time about it now. Now no one sends me these things anymore.

As soon as I read it, I also thought, "Nah, this cannot possibly be the case".

Worms won't care whether the email addresses in your address book are valid or not; they'll just send themselves out to all and sundry willy-nilly. Why should it wait for the first one to send and give time for a bounce? It won't!

So I'm with Suzi here also, even without having read the links to the hoax debunking sections of those AV vendors' sites.

Sorry merlot_1, I know this might come across as us "ganging-up" on you, but we're not; it's important not only to know that something is a hoax, but also why it's a hoax.

In time, after you've received a number of them, you'll get a feel for them. Some very "switched-on" friends of mine have forwarded hoaxes to me, and one was almost taken in by a pyramid saving scheme scam until two of us pointed it out to her.

Typically, I'll Google some text from the suspect message to "prove" that it's a hoax, and if so (usually the case), will reply to the sender advising them and giving links to where the hoax is debunked.

On one occasion ONLY, I used "Reply all" to reply to everyone to whom the message had been sent. This was a message that went round telling people to delete a legitimate Windows file, claiming that it was a virus. In that instance, I also linked an article for people to use in case they had followed the instructions in the "mind virus" to remove that valid Windows file._________________If you don't know what eschatology is then don't worry; it's not the end of the world.

On one occasion ONLY, I used "Reply all" to reply to everyone to whom the message had been sent. This was a message that went round telling people to delete a legitimate Windows file, claiming that it was a virus. In that instance, I also linked an article for people to use in case they had followed the instructions in the "mind virus" to remove that valid Windows file.

I believe that was the one where you deleted the file with the teddy bear icon.